Commit 84ff0075 authored by Georg Koppen's avatar Georg Koppen
Browse files

Bug 21396: Allow leaking of resource/chrome URIs

Our work around for https://bugzilla.mozilla.org/show_bug.cgi?id=863246
is filtering content requests to resource:// and chrome:// URIs in a way
that neuters this fingerprinting vector while not breaking standard Tor
Browser functionality.

However, there are extensions like Session Manager that are broken with
this strategy. Users who think having extensions like that one working
is much more important than avoiding the possible information leakage
associated with that get a preference they can toggle now.

'extensions.torbutton.resource_and_chrome_uri_fingerprinting' is by
default 'false' but setting it to 'true' effectively disables our
defense we developed in #8725 and related bugs.
parent 6942113d
......@@ -12,8 +12,16 @@ const Cc = Components.classes, Ci = Components.interfaces, Cu = Components.utils
// Import XPCOMUtils object.
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
let { bindPrefAndInit } =
Cu.import("resource://torbutton/modules/utils.js", {});
function ContentPolicy() {}
function ContentPolicy() {
this.uriFingerprinting = null;
bindPrefAndInit("extensions.torbutton.resource_and_chrome_uri_fingerprinting",
function (enabled) {
this.uriFingerprinting = enabled;
});
}
ContentPolicy.prototype = {
classDescription: "ContentPolicy",
......@@ -44,9 +52,13 @@ ContentPolicy.prototype = {
shouldLoad: function(aContentType, aContentLocation, aRequestOrigin, aContext, aMimeTypeGuess, aExtra) {
// Accept if no content URI or scheme is not a resource/chrome.
if (!aContentLocation || !(aContentLocation.schemeIs('resource') || aContentLocation.schemeIs('chrome')))
// Accept if the user does not care, no content URI is available or scheme
// is not resource/chrome.
if (this.uriFingerprinting || !aContentLocation ||
!(aContentLocation.schemeIs('resource') ||
aContentLocation.schemeIs('chrome'))) {
return Ci.nsIContentPolicy.ACCEPT;
}
// Accept if no origin URI or if origin scheme is chrome/resource/about.
if (!aRequestOrigin || aRequestOrigin.schemeIs('resource') || aRequestOrigin.schemeIs('chrome') || aRequestOrigin.schemeIs('about'))
......
......@@ -39,6 +39,7 @@ pref("extensions.torbutton.startup_state", 2); // 0=non-tor, 1=tor, 2=last
pref("extensions.torbutton.tor_memory_jar",false);
pref("extensions.torbutton.nontor_memory_jar",false);
pref("extensions.torbutton.launch_warning",true);
pref("extensions.torbutton.resource_and_chrome_uri_fingerprinting",false);
// Opt out of Firefox addon pings:
// https://developer.mozilla.org/en/Addons/Working_with_AMO
pref("extensions.torbutton@torproject.org.getAddons.cache.enabled", false);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment